ExchangeDefender is starting 2021 with a subtle yet huge change in the way our applications and services interact on the backend – we have fully implemented OAuth. OAuth is a popular authentication / login framework that uses authorization tokens instead of passwords to grant you access to different/unrelated services.
What this means in practical terms is that once you login to ExchangeDefender, you will be authorized to access all of the applications you have access to without logging in again and again as you hop from your SPAM Quarantine to your Password Vault to Wrkoo Invoices or ExchangeDefender support.
It also means you are now able to use authenticator apps from Google, Microsoft, as well as SMS. We are already working on Microsoft Authenticator, and for users that don’t trust big tech, Authy.
What will it look like?
Deployment of OAuth is completely transparent to the user and their login experience will not change. We are currently running OAuth in an open beta with our larger MSPs and enterprise customers and the login screen looks like this:
After you login with your username and password, you will be taken to our OAuth enrollment screen where you will be prompted for your password again (or prompted to reset it, if it’s older than 90 days).
That’s all. You’ll be enrolled in OAuth and from that point on your access to all our sites and services will be handled with authentication tokens instead of passwords.
After you’re authenticated, your avatar in the upper right hand side will feature shortcuts to the rest of the ExchangeDefender/Wrkoo/Own Web Now sites you have access to and they’ll be just a click away. This implementation will help us streamline access to all of the services the user is authorized to access, making it much easier to access all the services without dealing with multiple portals, sites, and login credentials.
P.S. I have blogged repeatedly imploring our partners and clients to adopt better password policies and two-factor authentication. Truth is, no matter how amazing and unique your password is, it’s passing through series of potentially compromised routers and networks. Even though ExchangeDefender offers free 2FA, OTP, and requires strong passwords with option to automatically expire them – the adoption rate is still under 10%.
The restructure of the encryption portal was driven solely to enhance the user experience. The ExchangeDefender Encryption Portal gives users central access to all encryption messages, contacts, advanced encryption options groups, SMS, URL as well as a full audit log. All available from a secure site, available via desktop and mobile.
Let’s take a look at what’s new:
For Contacts, we have made it easy to be more productive by saving contacts you often send messages to.
Click, Create New Contact and provide the name and email address. It is that simple.
Basic vs. High Security
Primarily High Security requires the recipient to create a profile to ensure the message is not compromised by a 3rd party. We strongly encourage the use of High Security. Basic Security also provides end-to-end encryption, but does not require the recipient to register with ExchangeDefender.
Advanced Options are located on the right hand side of your screen, these features were created to enhance the user experience and to offer more flexibility for the user.
- Automatically destroy the message after # days.
- Notify this user when the recipient reads this message
- Password protect this message
- Notify me when the recipient reads this message
- Actions allowed for recipients: Allow Reply/Forward or to Print
ExchangeDefender Encryption also supports groups. You can add contacts to a group by clicking on +Create New Group and providing information about your contacts. At any time, you can also click on the + icon next to the group name to +Add more members or click on the red X button to remove from the group.
Send encrypted messages via URL (Website)
ExchangeDefender Encryption enables you to send encrypted messages to web sites and services while maintaining the security and custody of the message contents.
The system generates a short URL that can be copied and pasted into Slack, Teams, Facebook, social media, or any other web site. URL Encrypted Messages are the most popular features as it provides a secure authentication layer, automatically deletes contents, and provides tracking. Simply type your subject, message, attach documents and click Send and a dialog box will pop up with the link to the message. You can copy and paste this link and everyone with the access to it.
Send encrypted messages via SMS
Send encrypted messages to mobile devices via SMS / text messages. This feature is highly sought after by doctors, attorneys and insurance personnel that are frequently interacting with clients that are on the move. “We’ll just text it to you” is an easy way to deliver a secure message via the recipient’s mobile phone number.
The recipient receives an SMS message with a link to the secure encrypted message. They will click the link, the default web browser on the phone will go to the secure SSL-encrypted web site to show message contents.
ExchangeDefender encryption portal has adopted Internationalization by designing the portal to be adaptive to various regions without engineering changes.
Every action related to encryption is listed here and reflects what was done even after the messages are gone.
To learn more about ExchangeDefender Corporate Encryption, click here.
We recently won a very large financial institution contract with our ExchangeDefender Corporate Encryption by solving a not-so-unique problem many businesses have with their encryption solution:
“It’s a disaster. I spend more time resending encrypted messages or walking clients through how to access forms than I do on actual processing.”
This is what we heard over and over – email encryption solutions are ugly, not intuitive, not very user friendly, and half the time they get lost somewhere along the way. If your business has a loan officer doing email support, your email encryption is not working for your business.
“Sometimes we just text them parts of it blurred out so we can move ahead until they come into our branch.”
What if you could text them, but securely?
Mobile phones have become so ubiquitous that they are already being used a secondary security credential (via 2 factor authentication or OTP) – and now ExchangeDefender enables you to rely on them to securely grant access to confidential or sensitive information
ExchangeDefender makes this easy by allowing you to simply send anything you need to handle securely to your clients phone via SMS/text. And to do so while being even more secure than with email. Unlike email, that multiple people (from admin to IT) have access to, only you have access to your phone. Nobody else, with your credentials, can snoop on that. So compose a message, type in a phone number and send them the link to the document and attachments securely.
But ExchangeDefender Corporate Security makes that even better and more safe. First, you can password protect the message and either give them in a call or using other means. You can even make sure that they cannot share it or that it would get compromised later – just set the message to expire after it’s been viewed.
And of course you will be alerted when they actually click on the link and access your message.
You can even track it.
ExchangeDefender Corporate Encryption is truly enabling multi-platform secure sharing of secret, sensitive, and personally identifiable information. With our SMS/text feature, you can now reach people on their mobile devices and get them secure access to the information without an app or without dealing with their email issues. Best of all, your message never leaves you, the clients only get the link – so if you made a mistake, you can revoke and destroy the message immediately.
This level of secure messaging and audit trail is unprecedented – and now you can say “I’ll just text it to you, but securely. Password is encryption and it will auto-destroy after you pick it up.”
Due to popular demand, we’ve added some new Distribution Group features to our Exchange/M365 Service Manager. The features are all about external (mail enabled) contacts that have a huge presence in the SMB/consulting organizations:
External Contacts or Mail Enabled Contacts are great when you need to give a person an email address on your domain without giving them their own mailbox. This is a very popular feature in SMB/consulting community when it comes to contractors and third parties that already have their own email infrastructure but for compliance (or vanity) purposes they need an email on your domain.
External Contacts allow you to assign an email address on your domain (firstname.lastname@example.org) and automatically forward all their mail to their existing email address (email@example.com).
Not only does this feature help save money on licensing costs, it also eliminates the need for the person to setup another account and check mail at a new place.
The upgrade we’re announcing today has to do with External or Mail Enabled contacts as a part of a Distribution Group (Exchange term for “mailing list”): You can now add external email addresses to any internal/external distribution group from the Service Manager at https://support.ownwebnow.com. Now when you try to create or modify a distribution group, your “Add a new member” screen will show your defined external contacts as well!
This is one of the most demanded features in Service Manager, and we hope it serves your business well!
But her (external) emails!
Unfortunately for some, the Internet standards still apply and most service providers are rapidly removing features that have anything to do with external mail forwarding. This is mainly due to rise of SMTP authentication/authorization protocols like SPF, DomanKeys (DKIM) that do not work with the way mail enabled external contacts are implemented in Microsoft Exchange and other email servers. When the mail is being forwarded to the external contact, the From line remains intact so that the recipient can identify the person sending the email (for example, firstname.lastname@example.org). But when the message is forwarded to the external contact, the receiving server will look at the from line and see that the message is from a domain hosted on Gmail but sent from the ExchangeDefender address space (that is obviously not a part of Google Gmail SPF/DKIM record) and depending on configuration might consider that message to be a forgery/spoof/SPAM.
This isn’t an ExchangeDefender issue, or a Microsoft issue, or a Gmail issue, it’s a part of the protocol specification. And while everyone else is making this feature go away (because it can affect server reputation), we’re working on rewriting/improving it. We are currently working on a feature that will rewrite the From line, so when Exchange forwards an email “From: Vlad Mazek <email@example.com>” to an external contact, the recipient will get an email that shows this on the from line: “From: Vlad Mazek <firstname.lastname@example.org>” that will help bypass SPF/DKIM checks on the receiving side.
Today’s webinar featured the launch of ExchangeDefender’s next generation LiveArchive, showcased by CEO, Vlad Mazek.
The new Live Archive is now a webmail in its own right not dependent on Exchange, Gmail or other major email providers. You’ll have to watch the video tour to get understand the mega power of the new service but a few highlights are:
– Live Archive offers real-time archiving of all inbound and outbound mail
– The ability to send and receive email during outages and other network disruptions
– The mailbox holds up to one year of mail
– Live Archive offers immediate email failover and disaster recovery and is compatible with all email providers
Live Archive Product Page:
Live Archive Technical Features:
ExchangeDefender is pleased to introduce the next generation of our email solutions.
We have supported and protected Exchange for over two decades and as well as managing security for every mail server solution on the Internet – trust us, we know email sucks. To help fix it – no matter where your email is, no matter if it’s Microsoft or Google or Amazon cloud – we needed to develop an email server that can run side by side. We are happy to show you the beginning of this adventure next Friday, where we will unveil the new product live… and a little surprise 🙂
ExchangeDefender LiveArchive is getting a major upgrade.
New, modern, responsive web interface that will make Gmail jealous. Potential not just to save your business but build a whole suite of solutions for business continuity, hybrid deployment to save licensing, backup offering, use your imagination. ExchangeDefender has built a mail server from the ground up with the focus on security that still enables your productivity. Join us and see it live! Q&A with the CEO to follow.
Join our upcoming Webinar
Friday, May 15, 11 AM
We strongly recommend business decision makers and IT personnel attend this meeting. We will be going over the new service launch, implementation and deployment, user notifications, service changes, and the product roadmap. As always, all of this will be done for you and on your behalf so “if you like the email experience you have now, you’ll get to keep your email experience” so if you just want it taken care of you don’t have to do a thing. If you’d like to understand how things will be deployed, changed, and upgraded then please make sure you attend.
ExchangeDefender Encryption enables organizations to securely send, receive, and manage confidential email, providing an easy, seamless way to implement content protection. ExchangeDefender uses bank-grade Encryption with 256-bit keys, to secure all encrypted emails.
We are proud to announce the brand new interface and full feature functionality and reporting for ExchangeDefender’s Corporate Encryption.
Let’s take a quick tour!
This is Corporate Encryption’s brand new dashboard view. It is the first page you see after logging in. Your recent messages and recent portal activity is available on your dashboard.
You can access your messages by tapping the Inbox tab. You can compose an encrypted message from this page. Encryption offers two levels of encryption, categorized by ENCRYPT and CLEARENCRYPT, and encrypts all email and attachments on every server where they reside.
The new web interface is sleek and modern, we have minimized the number of pages you visit to get things done. Finally, same page, one-click and done. You can select a recipient or a group to send the message to, the level of encryption, and even attach files.
Encryption enables you to create groups for contacts list to make it easier and faster for you to communicate with your most popular contacts. You can add as many groups and as many contacts as you like. By clicking your Contacts tab, you can create a new contact, and you can access information on all of your important clients.
To access ExchangeDefender Corporate Encryption, visit encryption.exchangedefender.com or login to your ExchangeDefender Admin portal > Quick Launch > Encryption
ExchangeDefender’s Web File Server, a secure document sharing and collaboration platform, is one of our most popular services this year. It offers businesses the ability to upload, manage and share files securely with coworkers or vendors. Our file sharing system makes it easy to quickly share a ton of large files without relying on email, clunky file servers, or cloud services primarily designed for file sync.
We are proud to announce the full release of Web File Server with full functionality and fresh new look.
Let’s take a quick tour:
From here users will be able to see an overview of their featured libraries. The last uploaded files to any of heir libraries and the last 15 events related to their libraries/documents/accounts.
The functions to add new libraries and groups, were added to the “Quick Actions” options. That way users will have them available from anywhere within the portal.
To create a new Library, the form was simplified to the following options:
- Custom name and description
- You can set up a custom password to protect the library. Recipients will need that password in order to be able to see the library (optional)
- You can set up an expiration time (optional)
- Customize your notifications configuration
- Customize the library permissions
To create a new Group, users must type a name, add a description (optional), and add as many recipients as they need.
From the list of libraries, users will have the ability to see each Library’s configuration, and the option to display the tables of their documents and recipients. You’ll also have the ability to add/delete documents, add/delete recipients, mark a library as featured, and delete a library. This was with the intention to let users to manage their libraries without going to a different view.
If you select one Library, you’ll be able to see all the Library’s information, including its configuration, individual recipients, groups, and files.
The documents will be displayed showing their name, who and when uploaded the last version, and description. Comments are displayed right below each file’s information. you’ll also have more options to choose from their documents list, such as Add comments, see each document’s versions and delete.
If you click on “Add a comment”, an inline form will be displayed at the bottom of the last comment.
If they click on “Delete”, a confirmation box will be displayed where they have to confirm/reject the action.
To add new documents, click on the button “+ Add files…” and select as many documents as you need (each document cannot exceed 500MB), then set the name and description of your preference and click the button “Start upload” to upload the documents to the server.
To manage the Library’s recipients/groups, find the box right below the box with that contains the Library’s information. From there you will be able to add more recipients or groups and delete.
To mark/unmark a library as featured, simply click the star located at the right-top of the information box.
Groups allow users to add multiple recipients to multiple libraries without the need of add recipients one by one each time. (please find a better way to explain this).From the groups list, users will be able to see their groups and their members, add/delete members and delete an existent group.
To Access Web File Server:
1 – Simply visit: wfs.exchangedefender.com
2 – Login to admin.exchangedefender.com > Quick Launch > Web File Server
3 – Visit www.exchangedefender.com > Login > Web File Server
ExchangeDefender is making it simple to reach all users in your organization using broadcast messages. This service is convenient for business cases where you need to reach every user at the client site or every single user protected by ExchangeDefender.
ExchangeDefender Broadcast Messages are easy, simple, automated, and free.
Simple – Sending a broadcast message is simple. Go to admin.exchangedefender.com, login as a Service Provider and click on Broadcast Messages.
Automatic – Broadcast Messages are always up to date and require no management or maintenance, for compliance purposes you can be certain every address on the domain will get the message.
Flexible – Messages support full HTML and our user friendly editor can help you design beautiful messages.
Branded – To save time, each message will automatically get the logo and contact information from the Service Provider contact information data.
To send a message simply go to https://admin.exchangedefender.com, login as the service provider , and click on Broadcast Messages.
You will be prompted to choose an audience: specific domains (allowing you to pick from the list) or everyone. Type your message and hit Preview. You will see your message here, and it looks exactly the same as your recipients will see it in their Inbox. There are two checkboxes on the bottom to insert your logo and insert a default signature. If you are happy with the look of it click on Submit and messages will be sent within 60 seconds.
Every now and then you will need to receive an email from someone that is on a compromised/spam network, or you’ll have to get an attachment that is blocked by corporate policy, or a domain with misconfigured SPF/DKIM domain – we see it every day and it’s incredibly frustrating for the users. On one hand, you have to adhere to the company IT policy but you also have to get the work done and many resort to using free mail systems that shouldn’t be allowed on corporate networks under any circumstance.
Or maybe you’re just signing up for something online and don’t want to deal with the SPAM that will probably come with it.
A Disposable Email Address
ExchangeDefender is pleased to announce disposable email addresses. They are free, simple to setup, mask your real email address, and they bypass all security policies.
You can setup as many disposable addresses as you wish, they can be created and deleted at any time.
Just go to https://admin.exchangedefender.com, login and click on Bypass Addresses
Bypass Addresses mask your entire address and domain (unlike less secure systems that just append + or . to the real address, that is easy to strip and spam)
Mail sent to bypass addresses isn’t checked for SPF, DKIM, spam content, infections, GeoIP, or other typical security restrictions.
Each email subject is modified to start with [WARNING! | BYPASS.XD External Message] so you don’t inadvertently open an email you were not expecting.
How to get started
Bypass Addresses are available to all ExchangeDefender Pro clients at https://admin.exchangedefender.com.
Simply login with your credentials for ExchangeDefender Admin portal, select “Bypass Addresses” under My Account, and click on the ” + Add New” button.
That’s it. The system will generate a random disposable email address and any mail delivered to it will automatically be passed on to the real address you select. It takes less than a minute for it to go live!
Once you’re gotten the email you’re expecting, you can return to the admin portal and delete the address. If you’ve created an email address for an e-commerce site or something that will likely generate a lot of SPAM, you can deactivate the email address and mail sent to it will not be delivered to your inbox. If at some point in the future you need to get email at that address again (forgotten password, two factor authentication, etc) your address is permanently attached to your account and can be reactivated in less than one minute.